[ovs-dev] [PATCH 2/2] xlate: Use datapath clone action for patch port translation
Andy Zhou
azhou at ovn.org
Wed Jun 7 18:28:09 UTC 2017
On Tue, Jun 6, 2017 at 5:01 PM, Ben Pfaff <blp at ovn.org> wrote:
> On Fri, May 26, 2017 at 08:47:45PM -0700, Andy Zhou wrote:
>> When available, use datapath 'clone' for patch port translation.
>> Clone provides a stronger guarantee that packet will be restored
>> after going through a patch port, Even in case the packet is
>> NAT'd by the bridge behind the patch port.
>>
>> Signed-off-by: Andy Zhou <azhou at ovn.org>
>
> Thanks for working on this. It is good to improve the correctness of
> the datapath implementation of OpenFlow actions, and this is the weakest
> point in correctness that I currently know about.
>
> This approach seems correct, but expensive in the common case where the
> packet does not need to be restored, since "clone" and "sample" are
> expensive datapath actions: I expect that they are more expensive than a
> few "set field" actions, and certainly more expensive than doing
> nothing. I think that there are only a few datapath actions that make
> changes that later datapath actions can't restore. Can the code here
> check whether any of those actions are actually used, and avoid using
> "clone" or "sample" in the common case?
Make sense. I will work on implementing this and repost.
More information about the dev
mailing list